feat: granular permissions, export backup, user/role management
- PermissionSeeder: 29 permissions with role mapping (admin/manager/staff) - Policies updated to use hasPermissionTo() instead of hasRole() - ExportBackup command: JSON per-table backup with chunk processing - UserResource: CRUD users with role assignment (admin only) - RoleResource: CRUD roles with permission assignment (admin only) - UserPolicy + RolePolicy: admin-only access control - ImportCskh: detailed skip logging with color in dry-run mode - Widgets: permission-based visibility checks - Tests: 8/8 pass (21 assertions)
This commit is contained in:
@@ -22,7 +22,7 @@ class ClosingService
|
||||
]);
|
||||
}
|
||||
|
||||
if ($actor->hasRole('staff')) {
|
||||
if (! $actor->hasPermissionTo('close-ticket')) {
|
||||
throw new HttpException(403, __('Chỉ lãnh đạo cấp phòng mới có quyền đóng phiếu.'));
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user